<?php
require 'config.php';
switch (@$_GET['a']){
    case 'login':
        if(!empty($_POST['uname']) && !empty($_POST['pwd']) && !empty($_POST['yan'])){
            $uname = $_POST['uname'];
            $pwd = $_POST['pwd'];
            $yan = $_POST['yan'];
            $cook = $_COOKIE['coke'];
            $sql = "select * from user where userName='{$uname}' and password='{$pwd}' and status=1";
            $result = mysqli_query($link,$sql);
            $rows = mysqli_fetch_assoc($result);
            if ($rows) {
            	if ($rows['auth'] ==3 ) {
            	    setcookie('auth','超级管理员',time()+3600*24,'/');
                    setcookie('uname',$uname,time()+3600*24,'/');
                    if($yan == $cook){
                        echo "<script>alert('登录成功！');window.location.href='admin.php';</script>";die;
                    }
                    else{
                        echo "<script>alert('验证码错误');window.location.href='index.php';</script>";die;
                    }

            	}elseif ($rows['auth'] ==2) {
            		  setcookie('auth','管理员',time()+3600*24,'/');
                    setcookie('uname',$uname,time()+3600*24,'/');
                    if($yan == $cook){
                        echo "<script>alert('登录成功！');window.location.href='admin.php';</script>";die;
                    }
                    else{
                        echo "<script>alert('验证失败');window.location.href='index.php';</script>";die;
                    }
            	}
                else{
                    echo "<script>alert('权限不够');window.location.href='index.php';</script>";die;
                }
            }else{
                echo "<script>alert('用户名不存在');window.location.href='index.php';</script>";die;
            }

            mysqli_free_result($result);
            mysqli_close($link);
        }


        else{
            echo "<script>alert('内容不能为空');window.location.href='index.php';</script>";die;
        }
        break;

        case 'exit':
                $time = date('Y-m-d H:i:s');
                $uname = $_COOKIE['uname'];
                $sql ="update user set lastlogin = '{$time}' where userName = '{$uname}'";
                mysqli_query($link,$sql);
                if (mysqli_affected_rows($link)>0){
                    setcookie('uname','',time()-1,'/');
                    setcookie('auth','',time()-1,'/');
                    echo "<script>alert('退出成功');window.location.href='index.php';</script>";die;

                }else{
                    setcookie('uname','',time()-1,'/');
                    setcookie('auth','',time()-1,'/');
                    echo "<script>alert('退出成功');window.location.href='index.php';</script>";die;
                }
                mysqli_close($link);
		        break;



        default:
			  echo "<script>alert('什么鬼');window.location.href='index.php';</script>";die;

}

